te_taipo

“the support service corrected the situation”

My thinking is that they have changed some settings to put in place flood protection. And that is triggering this plugin to capture the wrong server IP address. I would love to know more about what your server’s $_SERVER global is reporting, if you have an idea what that is feel free to email me on the above email. It would help.

However if that is not possible, I am about to upload an update, that while it may address your situation, in the event that it does not, there is an *option* now in this next update of Pareto Security to disable writing to the htaccess altogether, and rather depending solely on blocking bad requests.

Can you tell me a bit more about your server situation.

Was it doing this since you started using it, if not then what has changed recently.

Feel free to email if you want ([email protected]) I would love to get to the bottom of this.

This will be included in the next update.

No sorry. The only test PS runs is whether or not .htaccess is writeable, and it if is then it writes ip addresses, if not it just 403 blocks the request and logs it as a block rather than a ban.

PS generates its admin section nonce’s from the file modification timestamp filemtime()

In practice, that means that the nonce only changes when PS files are updated. Other uses of nonces do not apply to rendering of HTML.

There is no use of nonces used in the frontend.

2.8.7 was just released. Let me know how that goes.

I have just posted an update which will hopefully address those issues. Unfortunately I do not have a site using the Cloudflare CDN so cannot test this in the wild. However check out version 2.8.7 and let me know how this goes, this update at least better prevents admins from being banned.

I will keep this support request open for now.

Thank you for that. There is a new update coming out shortly which will fix this issue.

Can you paste in the full rule in here thanks. I will sort before the next update due out in a few days

Firstly, the quick fix:
– Enable Advanced Mode, and a Domain Name Safe List will be enabled
– In the Domain Name Safe list, add the IP addresses you want to protect, one line per IP address, also including the domain names and subdomain names of the website, one line per domain name.

Secondly, if you have time I would like to try and determine what it is about your situation that is causing this. Pareto Security should not ban any logged in administrators and editors IP address, nor should it ban the server IP address.

So when you get a chance, can you please tell me some more about your specific server set up:
– Are you using Cloudflare or some other CDN service?
– Are you using Multisite, or some other method of admininistration across several sites?
– When your home IP has been banned, were you logged in at the time, and if so what level of authentication (i.e admin, editor, author etc)
– Lastly can you paste in one of the lines from the logfile that shows the entry that banned the IP address

• This reply was modified 4 years, 4 months ago by te_taipo.

Ah that makes sense. I will look into it.

What version of PHP is installed on your webserver?

Also can you uninstall pareto security and install the latest version and see if that error repeats itself. If so can you post the new error code.

• This reply was modified 4 years, 5 months ago by te_taipo.

Thanks for reporting this. This is now fixed in the latest update.

Will take a look at this and add to the next update. Thanks for the feedback.

As mentioned, there is no real reason to expire IP addresses from htaccess unless the list is too large, which can hamper the performance of Apache. This is because this plugin only adds IP addresses that have attacked your website code.

You can manually remove IP addresses if you feel to by resetting the plugin which will remove them all, or via the log screen, remove ip addresses that are displayed there.